NinjaDroid : Ninja Reverse Engineering On Android APK Packages
NinjaDroid is a simple tool to reverse engineering Android APK packages. $ snap install ninjadroid --channel=beta Overview NinjaDroid uses AXMLParser together with a series of Python scripts based on aapt, keytool, string and such to extract a series of information from a given APK package, such as: List of files of the APK: file name, size, MD5, SHA-1, SHA-256 and SHA-512AndroidManifest.xml info: app name, package name, version, sdks, permissions, activities,...
Nimplant : A Cross-Platform Implant Written In Nim
Nimplant is a cross-platform (Linux & Windows) implant written in Nim as a fun project to learn about Nim and see what it can bring to the table for red team tool development. Currently, Nimplant lacks extensive evasive tradecraft; however, overtime Nimplant will become much more sophisticated. Installation To install Nimplant, you'll need Mythic installed on a remote computer. You can...
How Does Your Browser Spy on You?
Unfortunately, we have to admit that we are all under Big Brother's watchful eye. Internet keeps every piece of information even when we don't really want to share it. Indeed, corporations state they need detailed information about a person only to offer intuitive web surfing and optimal advertising. But you shouldn't really trust these «hearty» care words. Close and...
Http-Request-Smuggling : HTTP Request Smuggling Detection Tool
Http-Request-Smuggling is a high severity vulnerability which is a technique where an attacker smuggles an ambiguous HTTP request to bypass security controls and gain unauthorized access to performs malicious activities, the vulnerability was discovered back in 2005 by watchfire and later in August 2019 it re-discovered by James Kettle - (albinowax) and presented at DEF CON 27 and Black-Hat USA, to know more about this vulnerability...
AlanFramework : A Post-Exploitation Framework
AlanFramework is a post-exploitation framework useful during red-team activities. Changelog 3.0.0 - 15/05/2021 Renamed agent shell quit command to exitImplemented agent migration via migrate commandFixed error in retrieving OS versionAdded DLL as agent format in the creation wizard.Implemented ps command to list the currently running processesImplemented download command to locally download a file or an entire directoryImplemented upload command to upload files to the compromised hostImplemented SuccessRequest as HTTP server response option to customize the...
Karton : Distributed Malware Processing Framework Based On Python, Redis And MinIO
Karton is a robust framework for creating flexible and lightweight malware analysis backends. It can be used to connect malware* analysis systems into a robust pipeline with very little effort. We've been in the automation business for a long time. We're dealing with more and more threats, and we have to automate everything to keep up with incidents. Because of this, we often end...
Wsh : Web Shell Generator And Command Line Interface
wsh (pronounced woosh) is a web shell generator and command line interface. This started off as just an http client since interacting with webshells is a pain. There's a form, to send a command you have to type in an input box and press a button. I wanted something that fits into my workflow better and ran in the...
Jarm : Active Transport Layer Security (TLS) server fingerprinting tool
JARM is an active Transport Layer Security (TLS) server fingerprinting tool. JARM fingerprints can be used to: Quickly verify that all servers in a group have the same TLS configuration.Group disparate servers on the internet by configuration, identifying that a server may belong to Google vs. Salesforce vs. Apple, for example.Identify default applications or infrastructure.Identify malware command and control infrastructure and...
Learning The Term Search Engine Optimization and Its Sources
SEO refers to the method of creating an internet site that lot of visibility on a probe engine’s results page. To clarify, a good SEO strategy can place a company’s website at the highest of the list on a Google search page, thus increasing the chance that individuals can visit the positioning. Search engines attempt to produce the foremost...
From Alan Turing to Harvard Computer Science: How Programming Has Changed
Alan Turing’s story about programming is cited by many people because it depicts how the gay community is stigmatized. His contribution cuts across disciplines such as cryptography, biology, mathematics, and artificial intelligence. Turing’s work was initially unrecognized but he later discovered the Turing machine that facilitated the cracking of Enigma code in the world of programming. Programming has changed in...
.png "Matano : The Open-Source Security Lake Platform For AWS")
